Vulnerability scanners scan machines, networks, or apps searching for possible flaws that could be used by hackers to compromise the target.
Vulnerability scanner works by sending special data to the target, and based on the received response of the target, it can discover many things such as the following:
– Open ports
– Services
– Operating System
– Vulnerabilities
The main feature of any vulnerability scanner is task automation, it can automate several tasks such as information gathering, port scanning, service, and version detection. This can make your job faster and more efficient than doing everything manually.
Moreover, there are some disadvantages of using a vulnerability scanner. One of them is that the vulnerability scanners are very noisy by nature and can be quickly detected since they are sending lots of traffic over the network. So if you want to stay undetected/anonymous during the penetration test, then this is not the best option in my opinion.
The other disadvantage with a vulnerability scanner is that it can generate many false positives, meaning that it will report flaws in the target that may not exist in fact. But, it will also report a lot of false negatives, meaning that the scanner would miss or not report the flaws that really exist.
